当从外部源(即 Excel、Word 等)单击链接时,为什么 cookie 无法识别 [英] Why are cookies unrecognized when a link is clicked from an external source (i.e. Excel, Word, etc...)
问题描述
我注意到,当从 Web 浏览器(例如 Excel 或 Word)外部单击链接时,最初无法识别我的会话 cookie,即使该链接在同一浏览器窗口的新选项卡中打开也是如此.
浏览器最终会识别出它的 cookie,但我很困惑为什么来自 Excel 或 Word 的初始链接不起作用.为了使其更具挑战性,在 Outlook 中单击链接也可以正常工作.
有人知道为什么会发生这种情况吗?我在 PHP 5.3 中使用 Zend 框架.
这是因为 MS Office 正在使用 Hlink.dll 组件来查找链接是 Office 文档还是其他内容.MS Office 希望在不借助外部浏览器的情况下打开文档内链接的文档(使用 IE6 的 Hlink.dll 组件).
如果会话 cookie 保护网站 Hlink 自然会被重定向到登录页面并到达 HTML 页面并且无法理解"它在外部浏览器中打开它.请注意,它打开的不是原始 URL(预期行为)而是重定向的结果,即使它是 302 重定向.
Microsoft 在不受支持的组件 (Hlink.dll) 中存在该错误,而不是他们将其翻过来我们的头(试图说服我们这是我们使用的 SSO 系统的缺陷,即会话 cookie)并拒绝升级它.它提供了关闭 MS Office 查找功能的解决方法:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftOffice9.0CommonInternetForceShellExecute:DWORD=1或者为我们提供解决服务器端的方法,以避免 HTTP 重定向并更改为 Javascript 重定向或 META REFRESH 重定向(即让 Hlink 在原始 URL 上获取文本/html 页面并使其运行外部浏览器来处理它).
I noticed that when a link is clicked externally from the web browser, such as from Excel or Word, that my session cookie is initially unrecognized, even if the link opens up in a new tab of the same browser window.
The browser ends up recognizing its cookie eventually, but I am puzzled as to why that initial link from Excel or Word doesn't work. To make it even more challenging, clicking a link works fine from Outlook.
Does anybody know why this might be happening? I'm using the Zend Framework with PHP 5.3.
This is because MS Office is using Hlink.dll component to lookup if the link is Office document or something else. MS Office expect to open the document linked within documents without the aid of external browser (using Hlink.dll component of IE6).
If session cookie protects website Hlink naturally is being redirected to login page and having reached HTML page and not able to "understand" it opens it in external browser. Note that it opens not original URL (expected behavior) but the result of redirect, even if it was 302 redirect.
Microsoft has that bug in unsupported component (Hlink.dll), instead of recognizing the bug they turn it over to our head (trying to convince us that it is flaw of SSO system we use, i.e. session cookies) and refuses to upgrade it. It offers workaround that turns off the lookup functionality of MS Office:
HKEY_LOCAL_MACHINESOFTWAREMicrosoft
Office9.0CommonInternetForceShellExecute:DWORD=1
Or offer us to workaround serverside, to avoid HTTP redirects and change into Javascript redirects or META REFRESH redirects (i.e. to have Hlink get text/html page on original URL and make it run external browser to handle it).
这篇关于当从外部源(即 Excel、Word 等)单击链接时,为什么 cookie 无法识别的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
